SWCU185G January 2018 – June 2024 CC1312PSIP , CC1312R , CC1352P , CC1352R , CC2642R , CC2642R-Q1 , CC2652P , CC2652PSIP , CC2652R , CC2652RB , CC2652RSIP , CC2662R-Q1
The sequencer controls modular inversion operation. Table 13-29 lists the function that is an extension of basic PKCP functions with the following exceptions:
Function | Mathematical Operation | Vector A | Vector B | Vector C | Vector D |
---|---|---|---|---|---|
ModInv | A–1 mod B → D | NumToInvert length = A_Len | Modulus length = B_Len | Not used | Result and workspace |
Table 13-30 lists the PKA_SHIFT result values.
Function | PKA Shift Register Field Value at Conclusion |
---|---|
ModInv | 0 → success; Vector D holds the result 7 → no inverse exists [GCD (A, B) ≠ 1 (that is, A and B have common factors); result undefined 31 → error; modulus even-numbered, result undefined Other values are reserved. |
Table 13-31 and Table 13-32 list the restrictions on the input and result vectors for ModInv operations.
Function | Requirements |
---|---|
ModInv | 0 < A_Len ≤ Max_Len 0 < B_Len ≤ Max_Len Modulus B must be odd-numbered (that is, the LSB must be 1). Modulus B may not have a value of 1 (result is undefined, no error indicated). The highest word of the modulus vector (indicated by B_Len) may not be 0. |
Function | Result Vector | Restrictions |
---|---|---|
ModInv | D | Scratchpad area starting at D may not overlap with any other vectors. |
Table 13-33 lists the required scratchpad sizes for the ModInv operation.
Function | Scratchpad Area Size (in 32-Bit Words), Result Vector is B_Len 32-Bit-Words Long |
---|---|
ModInv | 5 × [M + ε (M)], with M = Max(A_Len, B_Len) |
The ModInv operation requires the modulus to be odd-numbered; this appears to make the operation useless with RSA key generation, where the private key exponent d is derived from a chosen public exponent e as in Equation 2:
where:
In Equation 2, φ is even-numbered. However, because e must be odd-numbered (or no inverse exists), d can be calculated as in Equation 3.
With four basic PKCP operations, ModInv can be used to find inverse values if the modulus is even.
Modular inversion can be performed with a modular exponentiation using the modulus value minus 2 as exponent, provided the modulus value is prime; this is because (under the constraint that M is prime):
With the large PKA engines containing an LNME, it is worthwhile to check whether this method is faster than using the ModInv operation directly. The modulus values for the ECC curves supported by this PKA engine must be prime so this method can be used in ECDSA operations.